Dutch launch Iran IT hacking probe

September 6, 2011 in Technology / Internet

An Iranian surfs the internet at a cafe in central Tehran. The Dutch secret service has opened an investigation to determine who falsified 531 Internet security certificates in order to snoop on users in Iran, the Dutch Interior Ministry said Tuesday.

The Dutch secret service has opened an investigation to determine who falsified 531 Internet security certificates in order to snoop on users in Iran, the Dutch Interior Ministry said Tuesday.

"The secret service has opened an investigation," its spokesman Vincent van Steen told AFP, adding "it is specifically to find out who hacked the certificates."

The ministry said Monday that Internet security specialist company Fox-IT released a report noting that hackers in July falsified 531 Internet security certificates, also known as SSLs, through Dutch company DigiNotar.

SSL certificates are used to verify to visitors that a particular website is authentic and are issued by DigiNotar and other firms known as Certification Authorities. Internet users whose browsers are fooled by a false certificate could unwittingly reveal their activity to another party in what is known as a "man-in-the-middle attack."

According to Fox-IT, a number of the DigiNotar's servers were hacked and false certificates issued to websites not only that of Skype, Google, Twitter and Facebook, but also websites belonging to spy agencies the Central Intelligence Agency and and Israel's Mossad.

"It wouldn't surprise me in the end if it turns out that the Iranian government is behind it and is trying to get information it normally couldn't have, such as that from dissidents," Hans van de Looy, an expert at computer security specialist Madison Gurkha, told AFP.

Fox-IT said 99 percent of users targeted by cyber attacks were in Iran.